Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/e25540-6683-452a-a173-1d4f4f96dad4/1/IrhS28ZQalG1X-QEHHpFyin0mYk.roa
File:                     IrhS28ZQalG1X-QEHHpFyin0mYk.roa (raw, json)
Hash identifier:          HFpXw7/ZfG59koQEY/S4hvw/YWRHa7fqcxh/zXCmiCw=
Subject key identifier:   22:B8:52:DB:C6:50:6A:51:B5:5F:E4:04:1C:7A:45:CA:29:F4:99:89
Certificate issuer:       /CN=d1b7acbbe65427c3e361154efc3e9b38accdc90c
Certificate serial:       0433A1F1
Authority key identifier: D1:B7:AC:BB:E6:54:27:C3:E3:61:15:4E:FC:3E:9B:38:AC:CD:C9:0C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0besu-ZUJ8PjYRVO_D6bOKzNyQw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/e25540-6683-452a-a173-1d4f4f96dad4/1/IrhS28ZQalG1X-QEHHpFyin0mYk.roa
Signing time:             Sat 01 Jan 2022 10:58:09 +0000
ROA not before:           Sat 01 Jan 2022 10:58:09 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     8426
IP address blocks:        193.193.169.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 70492657 (0x433a1f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d1b7acbbe65427c3e361154efc3e9b38accdc90c
        Validity
            Not Before: Jan  1 10:58:09 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=22b852dbc6506a51b55fe4041c7a45ca29f49989
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:fe:45:f0:ed:b1:db:84:fd:ea:46:96:3d:15:
                    e6:57:13:db:f0:fc:7b:c3:5f:74:4d:f7:be:ee:1f:
                    a8:c7:a7:17:d2:e4:81:e2:0b:23:b9:24:73:d1:75:
                    d6:89:cf:20:79:bb:40:11:dc:f4:a5:c2:d8:36:6d:
                    e0:49:ee:e1:9a:7d:c4:bc:ad:2f:be:84:c2:d7:91:
                    00:86:6d:8a:2c:43:7e:b9:a0:a4:82:aa:51:39:19:
                    f5:a6:d3:3c:b2:07:7a:8f:5e:a2:40:4a:d8:8a:46:
                    13:d3:89:09:42:f3:14:c3:25:c9:d5:0f:53:d9:e0:
                    06:b1:1b:e2:ee:bb:af:fc:2d:9a:7b:f7:d5:17:38:
                    45:ad:3f:87:d7:f4:79:6c:87:8e:77:f9:bf:b7:46:
                    8f:82:25:99:af:eb:54:68:24:4b:30:90:31:b4:7a:
                    f4:d2:96:b4:2e:22:08:c9:47:0b:53:fc:43:29:68:
                    fe:02:c1:14:fe:b0:7b:08:07:76:7a:43:49:c7:56:
                    61:64:15:c2:2d:f0:0e:7e:71:75:d6:1d:11:f2:bb:
                    49:bb:b4:33:2b:ab:98:b3:42:39:b5:36:71:fe:9f:
                    f1:7b:67:f1:a9:33:3f:b6:14:4c:8b:29:d8:19:93:
                    58:fd:26:f4:7c:88:08:09:da:17:c9:d2:71:0a:23:
                    3f:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:B8:52:DB:C6:50:6A:51:B5:5F:E4:04:1C:7A:45:CA:29:F4:99:89
            X509v3 Authority Key Identifier:
                keyid:D1:B7:AC:BB:E6:54:27:C3:E3:61:15:4E:FC:3E:9B:38:AC:CD:C9:0C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0besu-ZUJ8PjYRVO_D6bOKzNyQw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/e25540-6683-452a-a173-1d4f4f96dad4/1/IrhS28ZQalG1X-QEHHpFyin0mYk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/e25540-6683-452a-a173-1d4f4f96dad4/1/0besu-ZUJ8PjYRVO_D6bOKzNyQw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.193.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:54:81:9f:67:ee:75:83:2e:1d:ab:0e:5a:de:4b:29:13:f2:
         65:21:70:4b:2f:82:68:93:26:db:2e:44:d7:e7:9d:57:7e:b8:
         8a:09:1a:54:0f:bd:ca:83:e1:17:c9:64:40:7a:38:ce:fe:6b:
         72:c9:da:c7:06:5f:29:a2:51:ee:69:32:a0:33:ab:51:3f:92:
         fe:fe:e0:dd:3b:d3:fa:5f:50:41:5f:78:d1:9a:90:9a:04:db:
         3f:62:1b:22:f7:0e:98:69:ad:83:9f:31:d0:68:1f:73:1c:9a:
         2f:97:bc:cd:8c:b5:52:08:1a:86:23:d7:29:13:36:82:bd:52:
         71:a9:97:d2:34:c6:1d:4d:b7:8b:8c:d2:81:06:e6:57:af:be:
         23:e1:1f:bb:8c:d5:6a:e9:78:a2:23:e8:0a:17:4d:36:2b:fd:
         8c:c7:84:5a:d3:37:81:f4:cc:85:cb:de:90:ad:0c:b2:69:24:
         69:c6:44:6e:e2:8d:21:15:81:14:c4:73:bd:59:f4:64:8f:c3:
         38:f3:24:66:2a:61:c2:f5:7f:e0:f5:e6:f1:b1:fa:d4:94:0f:
         49:83:f0:1b:1a:88:6c:75:82:9b:2f:70:65:35:fa:0b:90:0d:
         1e:5d:8c:e4:7e:46:f0:d6:a7:d0:79:29:46:ff:05:5d:82:b8:
         85:15:c9:04
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBDOh8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MWI3YWNiYmU2NTQyN2MzZTM2MTE1NGVmYzNlOWIzOGFjY2RjOTBjMB4XDTIyMDEw
MTEwNTgwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjJiODUyZGJjNjUw
NmE1MWI1NWZlNDA0MWM3YTQ1Y2EyOWY0OTk4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJz+RfDtsduE/epGlj0V5lcT2/D8e8NfdE33vu4fqMenF9Lk
geILI7kkc9F11onPIHm7QBHc9KXC2DZt4Enu4Zp9xLytL76EwteRAIZtiixDfrmg
pIKqUTkZ9abTPLIHeo9eokBK2IpGE9OJCULzFMMlydUPU9ngBrEb4u67r/wtmnv3
1Rc4Ra0/h9f0eWyHjnf5v7dGj4Ilma/rVGgkSzCQMbR69NKWtC4iCMlHC1P8Qylo
/gLBFP6wewgHdnpDScdWYWQVwi3wDn5xddYdEfK7Sbu0MyurmLNCObU2cf6f8Xtn
8akzP7YUTIsp2BmTWP0m9HyICAnaF8nScQojP5ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQiuFLbxlBqUbVf5AQcekXKKfSZiTAfBgNVHSMEGDAWgBTRt6y75lQnw+Nh
FU78Pps4rM3JDDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBiZXN1LVpVSjhQallSVk9fRDZiT0t6TnlRdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvZTI1NTQwLTY2ODMtNDUyYS1hMTczLTFkNGY0Zjk2ZGFkNC8x
L0lyaFMyOFpRYWxHMVgtUUVISHBGeWluMG1Zay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
ZTI1NTQwLTY2ODMtNDUyYS1hMTczLTFkNGY0Zjk2ZGFkNC8xLzBiZXN1LVpVSjhQ
allSVk9fRDZiT0t6TnlRdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHBqTANBgkqhkiG9w0BAQsFAAOC
AQEAeVSBn2fudYMuHasOWt5LKRPyZSFwSy+CaJMm2y5E1+edV364igkaVA+9yoPh
F8lkQHo4zv5rcsnaxwZfKaJR7mkyoDOrUT+S/v7g3TvT+l9QQV940ZqQmgTbP2Ib
IvcOmGmtg58x0GgfcxyaL5e8zYy1UggahiPXKRM2gr1ScamX0jTGHU23i4zSgQbm
V6++I+Efu4zVaul4oiPoChdNNiv9jMeEWtM3gfTMhcvekK0MsmkkacZEbuKNIRWB
FMRzvVn0ZI/DOPMkZiphwvV/4PXm8bH61JQPSYPwGxqIbHWCmy9wZTX6C5ANHl2M
5H5G8Nan0HkpRv8FXYK4hRXJBA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:05 2024 by rpki-client on console-fra.rpki-client.org